organize includes, fix possible null pointer, update patternfind.c, change some types

src/wufuc.sln

@@ -1,7 +1,7 @@
 
 Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio 15
-VisualStudioVersion = 15.0.27130.2024
+VisualStudioVersion = 15.0.27130.2036
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wufuc", "wufuc\wufuc.vcxproj", "{00F96695-CE41-4C2F-A344-6219DFB4F887}"
 EndProject
@@ -13,6 +13,20 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "wufuc_setup_bat", "wufuc_se
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "AdvancedInstallerHelper", "AdvancedInstallerHelper\AdvancedInstallerHelper.vcxproj", "{12498D61-02AF-4C13-925D-E130EEDE2543}"
 EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Repository Items", "Repository Items", "{E7EDB493-4D31-4646-8537-C515613689A6}"
+	ProjectSection(SolutionItems) = preProject
+		..\.gitignore = ..\.gitignore
+		..\appveyor.yml = ..\appveyor.yml
+		..\COPYING = ..\COPYING
+		..\DONATE.md = ..\DONATE.md
+		..\README.md = ..\README.md
+	EndProjectSection
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = ".github", ".github", "{ACE23C8E-C137-4B93-9147-DCF126E1248E}"
+	ProjectSection(SolutionItems) = preProject
+		..\.github\ISSUE_TEMPLATE.md = ..\.github\ISSUE_TEMPLATE.md
+	EndProjectSection
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|x64 = Debug|x64
@@ -39,6 +53,9 @@ Global
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
 	EndGlobalSection
+	GlobalSection(NestedProjects) = preSolution
+		{ACE23C8E-C137-4B93-9147-DCF126E1248E} = {E7EDB493-4D31-4646-8537-C515613689A6}
+	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {5070ABC4-3344-4D6E-B744-E3508B10A327}
 	EndGlobalSection

src/wufuc/callbacks.c

@@ -1,5 +1,4 @@
 #include "stdafx.h"
-
 #include "context.h"
 #include "callbacks.h"
 #include "hooks.h"
@@ -89,7 +88,13 @@ DWORD WINAPI cb_start(context *ctx)
         str = (wchar_t *)reg_query_value_alloc(HKEY_LOCAL_MACHINE,
                 L"SYSTEM\\CurrentControlSet\\services\\wuauserv\\Parameters",
                 L"ServiceDll", NULL, NULL);
+        if ( !str ) {
+abort_hook:
+                MH_RemoveHook(g_pfnRegQueryValueExW);
+                goto release;
+        }
         g_pszWUServiceDll = env_expand_strings_alloc(str, NULL);
+        if ( !g_pszWUServiceDll ) goto abort_hook;
         free(str);
 
         MH_CreateHookApi(L"kernel32.dll",
@@ -97,9 +102,8 @@ DWORD WINAPI cb_start(context *ctx)
                 LoadLibraryExW_hook,
                 &(PVOID)g_pfnLoadLibraryExW);
 
-        if ( g_pszWUServiceDll
-                && (GetModuleHandleExW(0, g_pszWUServiceDll, &hModule)
-                        || GetModuleHandleExW(0, PathFindFileNameW(g_pszWUServiceDll), &hModule))) {
+        if ( GetModuleHandleExW(0, g_pszWUServiceDll, &hModule)
+                || GetModuleHandleExW(0, PathFindFileNameW(g_pszWUServiceDll), &hModule) ) {
 
                 // hook IsDeviceServiceable if wuaueng.dll is already loaded
                 wufuc_hook(hModule);
@@ -110,7 +114,7 @@ DWORD WINAPI cb_start(context *ctx)
 
         // wait for unload event or parent mutex to be abandoned.
         // for example if the user killed rundll32.exe with task manager.
-        result = WaitForMultipleObjects(_countof(ctx->handles), ctx->handles, FALSE, INFINITE);
+        result = WaitForMultipleObjects(ctx->count, ctx->handles, FALSE, INFINITE);
         trace(L"Unload condition has been met.");
 
         switch ( result ) {

src/wufuc/context.c

@@ -1,5 +1,6 @@
 #include "stdafx.h"
 #include "context.h"
+
 #include <sddl.h>
 
 static bool ctxp_remove_handle(context *ctx, unsigned Index)

src/wufuc/dllmain.c

@@ -1,4 +1,5 @@
 #include "stdafx.h"
+
 #include <minhook.h>
 
 BOOL APIENTRY DllMain(HMODULE hModule,

src/wufuc/hooks.c

@@ -1,9 +1,8 @@
 #include "stdafx.h"
-
+#include "context.h"
 #include "hooks.h"
 #include "log.h"
 #include "registryhelper.h"
-#include "context.h"
 #include "wufuc.h"
 
 wchar_t *g_pszWUServiceDll;

src/wufuc/log.c

@@ -1,4 +1,5 @@
 #include "stdafx.h"
+
 #include "log.h"
 
 void logp_debug_write(const wchar_t *const format, ...)

src/wufuc/patternfind.c

@@ -144,7 +144,7 @@ void patternwrite(uint8_t *data, size_t datasize, const char *pattern)
 
         if ( patterntransform(pattern, writepattern, writepatternsize) ) {
                 DWORD OldProtect;
-                BOOL result = VirtualProtect(data, writepatternsize, PAGE_READWRITE, &OldProtect);
+                BOOL result = VirtualProtect(data, writepatternsize, PAGE_EXECUTE_READWRITE, &OldProtect);
                 if ( writepatternsize > datasize )
                         writepatternsize = datasize;
                 for ( size_t i = 0; i < writepatternsize; i++ )

src/wufuc/registryhelper.c

@@ -1,11 +1,10 @@
 #include "stdafx.h"
 #include "registryhelper.h"
-#include <sddl.h>
 
 PVOID reg_get_value_alloc(
         HKEY hKey,
-        const wchar_t *SubKey,
-        const wchar_t *Value,
+        LPCWSTR SubKey,
+        LPCWSTR Value,
         DWORD dwFlags,
         LPDWORD pdwType,
         LPDWORD pcbData)
@@ -31,8 +30,8 @@ PVOID reg_get_value_alloc(
 
 LPBYTE reg_query_value_alloc(
         HKEY hKey,
-        const wchar_t *SubKey,
-        const wchar_t *Value,
+        LPCWSTR SubKey,
+        LPCWSTR Value,
         LPDWORD pdwType,
         LPDWORD pcbData)
 {
@@ -100,15 +99,15 @@ PVOID reg_query_key_alloc(
         return result;
 }
 
-wchar_t *env_expand_strings_alloc(const wchar_t *src, LPDWORD pcchLength)
+LPWSTR env_expand_strings_alloc(LPCWSTR Src, LPDWORD pcchLength)
 {
-        wchar_t *result;
+        LPWSTR result;
         DWORD buffersize;
         DWORD size;
 
-        buffersize = ExpandEnvironmentStringsW(src, NULL, 0);
+        buffersize = ExpandEnvironmentStringsW(Src, NULL, 0);
         result = calloc(buffersize, sizeof *result);
-        size = ExpandEnvironmentStringsW(src, result, buffersize);
+        size = ExpandEnvironmentStringsW(Src, result, buffersize);
         if ( !size || size > buffersize ) {
                 free(result);
                 result = NULL;

src/wufuc/registryhelper.h

@@ -2,19 +2,19 @@
 
 PVOID reg_get_value_alloc(
         HKEY hkey,
-        const wchar_t *pSubKey,
-        const wchar_t *pValue,
+        LPCWSTR pSubKey,
+        LPCWSTR pValue,
         DWORD dwFlags,
         LPDWORD pdwType,
         LPDWORD pcbData);
 LPBYTE reg_query_value_alloc(
         HKEY hKey,
-        const wchar_t *pSubKey,
-        const wchar_t *pValueName,
+        LPCWSTR pSubKey,
+        LPCWSTR pValueName,
         LPDWORD pType,
         LPDWORD pcbData);
 PVOID reg_query_key_alloc(
         HANDLE KeyHandle,
         KEY_INFORMATION_CLASS KeyInformationClass,
         PULONG pResultLength);
-wchar_t *env_expand_strings_alloc(const wchar_t *src, LPDWORD pcchLength);
+LPWSTR env_expand_strings_alloc(LPCWSTR Src, LPDWORD pcchLength);

src/wufuc/rundll32.c

@@ -1,10 +1,10 @@
 #include "stdafx.h"
 #include "context.h"
 #include "callbacks.h"
+#include "log.h"
 #include "modulehelper.h"
 #include "registryhelper.h"
 #include "servicehelper.h"
-#include "log.h"
 #include "wufuc.h"
 
 void CALLBACK RUNDLL32_StartW(HWND hwnd, HINSTANCE hinst, LPWSTR lpszCmdLine, int nCmdShow)

src/wufuc/wufuc.c

@@ -1,12 +1,11 @@
 #include "stdafx.h"
-
 #include "context.h"
 #include "wufuc.h"
-#include "modulehelper.h"
-#include "versionhelper.h"
 #include "hooks.h"
 #include "log.h"
+#include "modulehelper.h"
 #include "patternfind.h"
+#include "versionhelper.h"
 
 #include <minhook.h>